Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks

November 17, 2023 at 02:23PM

An investigation by the security vendor SentinelOne has confirmed earlier Reuters reporting that linked an Indian hack-for-hire group, Appin, to cyber espionage and surveillance activity. The group, which no longer operates under its original name, targeted businesses, executives, politicians, and government officials around the world. The investigation found evidence of data theft, website defacements, and client requests to break into email accounts. Former Appin employees now run similar services. The report sheds light on the hack-for-hire market, which is relatively prolific in countries such as India, Russia, and the United Arab Emirates. The investigation also showed that Appin relied on third-party contractors to obtain and manage the infrastructure used in its attacks. Despite the scale of its activity, the group is not considered highly sophisticated compared with advanced persistent threats or organized criminal groups.

Key takeaways from the report:
– SentinelOne’s review confirmed previous Reuters reporting connecting the Indian hack-for-hire group Appin to numerous incidents of cyber espionage and surveillance.
– Appin, although it no longer exists in its original form, broke into computers belonging to businesses, politicians, high-value individuals, and government officials worldwide.
– The group had clients worldwide, including private investigators, detectives, government organizations, and corporations involved in major litigation battles.
– Reuters journalists collected detailed information on Appin’s operations and clients, including a site called “MyCommando” where clients ordered hacking services.
– Appin was linked to several hacking incidents, such as leakage of private emails that affected a casino deal and an intrusion involving a consultant trying to bring the soccer World Cup to Australia.
– SentinelOne’s review of the data further corroborated the links between Appin and data theft incidents, including the theft of emails from Chinese and Pakistani government officials.
– Appin utilized third-party contractors to acquire and manage the infrastructure for carrying out attacks.
– The group assembled its toolkit from a mix of sources, including private spyware sellers and exploit services.
– Appin offered services such as keylogging, credential phishing, website defacement, SEO manipulation, and password cracking.
– The Indian hack-for-hire industry of that period showed creativity but lacked the sophistication of advanced persistent threats or organized criminal groups.